Les articles publiés sur le site
-
29 novembre 2019, par Andrey Astafyev
Both files are checked for EOF
- [DH] src/utils/flacdiff/main.cpp
-
24 novembre 2019, par Erik de Castro Lopo
libFLAC/bitwriter.c: Add sanity check to prevent excessive allocation
When fuzzing the encoder it is possible to cause the encoder to
allocate huge amounts of memory. Sanity check for the number of
bits to grow the bitwrite capacity and returning false (indicating
memory allocation failed) prevents this and seems to have no effect
in the encoding of non-fuzzing inputs.
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17273
Testcase: fuzzer_encoder-5640245298593792
- [DH] src/libFLAC/bitwriter.c
-
24 novembre 2019, par Erik de Castro Lopo
libFLAC/bitreader.c: Fix shift invoking undefined behaviour
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19067
Testcase: fuzzer_decoder-5725157960450048
- [DH] src/libFLAC/bitreader.c
-
21 novembre 2019, par Erik de Castro Lopo
libFLAC/bitreader.c: Fix shift invoking undefined behaviour
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19036
Testcase: fuzzer_decoder-5679084202098688
- [DH] src/libFLAC/bitreader.c
-
19 novembre 2019, par NotTsunami
cmake/configure.ac: Enable -fstack-protector-strong by default
This commit contains the following changes:
- Drops -fstack-protector in favor of -fstack-protector-strong.
Consequently, the ssp-buffer-size parameter has been removed as
-fstack-protector-strong ignores array size.
- Add new global opt-out for stack smash protection. This is enabled
by default for both autotools and CMake builds. Users can opt out
of stack smash protection by passing -DWITH_STACK_PROTECTOR=OFF to
CMake or --disable-stack-smash-protection when running ./configure.
- Renames HAVE_SSP_FLAG to HAVE_STACK_PROTECTOR_FLAG in
CMakeLists.txt to be more readable.
- [DH] CMakeLists.txt
- [DH] configure.ac
- [DH] m4/stack_protect.m4
